[ALSA-2021:4179] Low: file-roller security update
Type:
security
Severity:
low
Release date:
2021-11-12
Description:
File Roller is an application for creating and viewing archives files, such as tar or zip files. Security Fix(es): * file-roller: directory traversal via directory symlink pointing outside of the target directory (incomplete fix for CVE-2020-11736) (CVE-2020-36314) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 file-roller-3.28.1-4.el8.aarch64.rpm e30ff57a4994baa6bfc34120c37cc8d20c41f0bb6472df825b26336c286de65d
ppc64le file-roller-3.28.1-4.el8.ppc64le.rpm a588a29e5206abdbc2911bca30a2f09f5588e0c69921494e411805e018456ad7
x86_64 file-roller-3.28.1-4.el8.x86_64.rpm 0fe5ddebcb6dc571a91448460f4317ad2d69b51f3ce04e810b2f54edf43f61f9
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.